HTC, makers of many modern Android phones, introduced a giant security hole with a recent update. How big is this hole? Big enough to leak users accounts, email addresses, GPS locations, and system logs.

An exhaustive report on the site Android Police appeared October 1 about the work of security researcher Trevor Eckhart. Screenshots abound, as well as a list of phones affected by the security hole. Any app with Internet access can read, copy, and export critical log files full of information that should be kept secure.

Yes, HTC was notified. No, they didn't respond or take any action whatsoever. After waiting, Eckhart put the word of this security snafu out into the world. HTC has released a statement now, but has yet to explain the lack of security for their HTClogger.apk program, and how they plan to patch their serious vulnerability.

Yes, it's serious

even someone like me with only two weeks of android programming experience can coded something up to send out the data in question.

Interesting, fortunately for me, htclogger.apk is one of the first files I removed when clearing out the junk on my Evo 4g after I updated it. I just didn't like the sound of its name. And once removed it seemed to have no adverse effect on how the phone works.